Prevent l2tpd from using PMTU discovery, setting the DF bit on all outgoing UDP packets (closes: #471)

SVN-Revision: 3621
19 years ago · 4f22b94e09
parent 7f83bd07b3
commit 4f22b94e09
2 changed files with 26 additions and 1 deletions
--- a/openwrt/package/l2tpd/Makefile
+++ b/openwrt/package/l2tpd/Makefile
@ -5,7 +5,7 @@ include $(TOPDIR)/rules.mk
 PKG_NAME:=l2tpd
 PKG_VERSION:=0.70pre
 PKG_UPSTREAM_VERSION:=0.70-pre20031121
-PKG_RELEASE:=3.1
+PKG_RELEASE:=4.1
 PKG_MD5SUM:=3f2707b6e16a8cb72e7bf64f574202fa

 PKG_SOURCE_URL:=http://ftp.debian.org/debian/pool/main/l/l2tpd
--- a/openwrt/package/l2tpd/patches/05-df-disable.patch
+++ b/openwrt/package/l2tpd/patches/05-df-disable.patch
@ -0,0 +1,25 @@
+Patch to stop l2tpd setting the DF bit on each of the packets it sends.
+Apart from not being useful with L2TP, this also prevents interoperating
+with Cisco IOS over IPSEC.
+
+--- l2tpd-0.70-pre20031121.orig/network.c.orig	2006-04-11 08:50:38.000000000 +0100
+++ l2tpd-0.70-pre20031121.orig/network.c	2006-04-11 08:58:18.000000000 +0100
+@@ -56,6 +56,18 @@
+              __FUNCTION__);
+         return -EINVAL;
+     };
+#ifdef IP_MTU_DISCOVER
+#ifdef IP_PMTUDISC_DONT
+    {
+        /* Don't set DF bit on outbound packets */
+        int val = IP_PMTUDISC_DONT;
+        if (setsockopt(server_socket, IPPROTO_IP, IP_MTU_DISCOVER, &val, sizeof(val)) < 0)
+        {
+            log (LOG_LOG, "Failed to disable PMTU discovery\n");
+        }
+    }
+#endif
+#endif
+     /* L2TP/IPSec: Set up SA for listening port here?  NTB 20011015
+      */
+     if (bind (server_socket, (struct sockaddr *) &server, sizeof (server)))